IPv6 Deployment WG in IPv6 Promotion Council and its Deployment Guideline 2005.2.23 IPv6 Deployment WG Chair Takashi Arano (Intec NetCore, Inc.)
“ IPv6 Deployment Guideline ” solves barriers for deployment “I can’t see IPv6’s immediate benefits for my network” 1. Proof of Concepts in various field trials ! To explore possibilities for new solutions and applications ! To proof cost benefit ! To provide case studies in which IPv6 is effective ! “I don’t know how to deploy” 2. Prepare “manuals” for each segment such as enterprise, ISP, home etc. ! Phases & process, security, etc. ! “I don’t still believe in IPv6’s stability nor reliability” 3. Interoperability Testing with IPv6 Forum Logo Program ! Machines should be used in various cases ! Feb,2004 IPv6PC Deployment WG 2
Framing of Guide line Definitions and Distinctions of the each segment ! BCP ! Analyzing and Modeling ! 2005-version Solution option, adaptable situation, negative profit ! Targeted NW & System + Application on v4:v6= 5:5 Coming soon! ! Typical equipment configuration and service pattern ! + Advantage ! Case Study Assignment for v4:v6= 5:5 ! Cost Estimation Problem to be solved ! Security Analysis Requirements to other segments (ISP) ! Security Model ! Policy ! Implementation ! Tips ! Practical know-how for transition ! Addressing, routing ! Server design ! 2004 Guideline Network system administration ! http://www.v6pc.jp/jp/wg/transWG/index.html Security ! Application ! v4-v6 translator ! Multicast ! Feb,2004 IPv6PC Deployment WG 3
Typical Scenario in IPv6 Introduction Period ! There are subtle difference between what IPv4 can do and what IPv6 can do. ! It would be non sense to ask what only IPv6 can do and just wait. ! Possible Scenario ! Deploy IPv6 as a new system ! Ex: Building Facility Management System area is moving to IP. There are many reasons to choose IPv6. ! Deploy IPv6-enable network at the time of network renovation ! Deploy IPv6 network overlaying IPv4 as a difference protocol to minimize existing network ! Don’t wait for the open IPv6 Internet ! Closed network/system comes first because it have less constraints. Feb,2004 IPv6PC Deployment WG 4
Security Analysis (part) アイテ 変化 サブア 脅威 ム イテム グローバルアドレスにより直接 誰もがサーバ(レスポンダ)になり得るためアプリケーションの脆弱性 A A-1 の到達性が得られる による被害がより顕在化する 直接の到達性が得られることからネットワーク内部まで DOS を受けう A-2 る範囲が広がる P2P アプリの利用環境が広がるが、通信元アドレス、受信ポートの範 A-3 囲が広いため DOS を受けやすくなる E2E の暗号化通信( IPsec 等)が簡単になるが、 経路上でパケット内を検査 A-4 することは出来ないため、 情報漏えい、ワーム感染を許してしまう危険性 がある IP アドレスそのものが持つ情 Eui-64 使用時の端末一意性により利用者の活動状況が把握されや B B-1 報量が増える すくなる IP アドレス入力時のヒューマンエラーの頻度が高まる B-2 Feb,2004 IPv6PC Deployment WG 5
Should IPv6 Address be Fixed or Variable? ! Should IPv6 Address which ISP assigns to a customer be fixed or variable? ! IPv6 community seems to assume that IPv6 be “fixed”. ! Terminal Vendor likes “fixed”. ! ISP prefer “variable” because of the cost. ! Privacy issue supports “variable”. ! Name resolution issue. DDNS is enough? ! How we can compromise?? Needs to discuss… Feb,2004 IPv6PC Deployment WG 6
Any Questions and Comments to Takashi Arano arano@inetcore.com Thank you!
Recommend
More recommend
